Whenever someone brings up storage encryption I always wonder what protection they think it gives them.

So what threat are you considering device or SDCARD encryption as protection against.

For most people a strong password, which you need if you're going to use device encryption, gives them the equivalent protection.

Device encryption is like a safe. If the safe is locked the contents are protected. If you encrypt your device memory it is only locked when the phone is off. As soon as you start it, especially after you log in the safe is open.

Whenever someone brings up storage encryption I always wonder what protection they think it gives them.

So what threat are you considering device or SDCARD encryption as protection against.

For most people a strong password, which you need if you're going to use device encryption, gives them the equivalent protection.

Device encryption is like a safe. If the safe is locked the contents are protected. If you encrypt your device memory it is only locked when the phone is off. As soon as you start it, especially after you log in the safe is open.

Posted via CB10

It's a good idea, depending on what you have on your SD card, to encrypt it. If it's removed from the phone no one is able to view the contents.

Whenever someone brings up storage encryption I always wonder what protection they think it gives them.

So what threat are you considering device or SDCARD encryption as protection against.

For most people a strong password, which you need if you're going to use device encryption, gives them the equivalent protection.

Device encryption is like a safe. If the safe is locked the contents are protected. If you encrypt your device memory it is only locked when the phone is off. As soon as you start it, especially after you log in the safe is open.

You're assuming that the director of the FBI knows about cryptography and isn't engaging in miss information.

So the FBI gets your phone. If they also get your password, or fingerprint in some cases, they don't have to worry about encryption. If they can't get your password and fingerprint isn't used, then they have to disassemble the phone to extract a memory image from it. Not something they can do on a short time. But if you are a potential target for such attention then encryption would help and you can turn it on.

The next question is if the provider really can't divulge your keys. In the face of a warrant or NSL don't is not the same as can't. Apple has a long history of over selling their security. They say that they can't decrypt iMessages. But since they manage the keys they could if they wanted to, or were forced to.

The other issue is data leaving the device. Email, cloud storage etc. And applications you load on the device. All of these capabilities bypass device encryption. So for device encryption to keep your data safe from the FBI you would have to be very disciplined against there use. Even Apple said their "can't decrypt" statements don't apply to iCloud and other online services.

So these announcements by Apple and Google are all very well, but won't change the security situation for most of their customers, who are their own worst enemies when it comes to security. Should BlackBerry make a similar decision and announcement knowing it isn't really true?

If I may... The encryption of the system is activated since iOS7. What's new in iOS8 ? Personal data (pictures and SMS) is now also encrypted.
Now, to be brief, the encryption key is a hash between you password and an UID hard stored in a ship on the phone.
So, to decrypt the data, you need to do it on the phone and the hash function take something like 80ms to execute. Can you compute the time needed to brute force this data ? Take years...
Well, as usual, if your password is not strong enough like a PIN (4 digits), it will take half an hour. But if you have a strong alphanumeric 8 characters minimum passwords, it will take roughly... well, more than 2 years.
That said, you all know that this announcement from Apple is just a marketing buzz...